Keeping Private Keys Safe

in bitcoin •  7 years ago 

NB: This writeup was part of an assignment for school, but I thought it might be a helpful article to share with friends and family who are interested in bitcoin and cryptocurrency when the topic inevitably comes up over the holidays.

Introduction

The rapid rise in the price of cryptocurrencies, such as bitcoin and Ethereum, has created a security need for users.
One bitcoin is over $17,000 USD as of 12/12/2017. There are likely to be many unsecured bitcoin wallets on computers or smartphones, and attackers are surely using every tool at their disposal to find them.
Bitcoin wallets do not actually hold tokens. They hold private keys, which allow a user to access their tokens on the blockchain. Bitcoin is based on public/private key cryptography, so there is a public address that can be shared openly, without fear of the private key being discovered.
Taking care to secure one’s private key is incredibly important. Bitcoin has no insurance. If one loses the private keys, one loses access to one’s bitcoins. It is obvious that bitcoin is not for beginners, but one does not need to be an expert to use this technology with intelligence and security.
There are many ways to securely store one’s bitcoins. It is important to distinguish between three major methods: exchanges, hot wallets, and cold storage. Each method has its strengths and weaknesses, and each strikes a different balance between security and usability.

Exchanges

The most common way to hold bitcoin right now is on a bitcoin exchange, such as Coinbase. Coinbase is a San Francisco-based company that allows US citizens to purchase bitcoins funded by bank wire transfers or credit card purchases. The user interface is uncomplicated. There is also some insurance in case of a theft, and USD stored on Coinbase are FDIC insured. When bitcoins (or other cryptocurrencies) are held on an exchange, the private keys are not held by the customer.
This is the danger of using exchanges. The infamous Mt Gox was a bitcoin exchange that was poorly managed by Mark Karpeles. In 2013, Mt Gox was hacked and a great many bitcoins were stolen. Customers are still waiting for their money back. Since Mt Gox, most early bitcoin adopters have chosen to hold their own private keys.

Hot Wallets

A hot wallet exists when one’s private keys are held on a computer or device that is connected to the internet. This could be a cell phone or laptop, for instance. Hot wallets allow users to make transactions more easily. Some examples of hot wallets are the Ethereum wallet or Jaxx.
Hot wallets can be made more secure, however. Encrypting a hot wallet is a best practice. Users should encrypt their wallet with a long passphrase that can be saved in a password manager program such as LastPass, using best practices such as a mixture of upper/lowercase/numbers/special characters and a minimum length of 30 characters.
Hot wallets can be useful for day-to-day transactions and for holding no more than one or two hundred dollars at any time.

Cold Storage

Cold storage is generally used for greater sums of cryptocurrency, and provides users with a far greater sense of security than a hot wallet or exchange. Cold storage involves using an offline method to store private keys. The three approaches below provide different mixes of security and usability.

Paper Wallets

A common method of cold storage is printing a paper wallet. It is easy to print a paper wallet: one can use the website https://myetherwallet.com and follow the instructions. The private key will be printed onto a piece of paper. This should not be done with a public printer, and if a great deal of funds will be stored in this address, it might be worth it to destroy the printer’s memory after printing it. This might be a little drastic, but could be inexpensive enough if the printer is acquired from a garage sale.

Offline PC

One of the greatest features of open source software and development is that users can be as paranoid as they want to be. Some users will build their own PC, or buy a laptop with cash, remove all internet connection devices, install the bitcoin wallet on the device, hash it to ensure it matches the hash of the secure release, and make new keys on the device. These private keys are air gapped; they will never touch the internet or be accessible from outside the device unless physical access to the device is granted.
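The "hash it to ensure it matches the hash of the secure release" step, as an added example that is not part of the original post. The file names wallet-installer.bin and SHA256SUMS, the helper names, and the sample data are assumptions constructed for the illustration; the manifest uses the common sha256sum line format.

```shell
#!/bin/sh
# Added example: verify a downloaded wallet installer against a published
# SHA-256 manifest before carrying it to the offline machine.

sha256_of() {   # print the lowercase hex SHA-256 of a file
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | awk '{ print $1 }'
    else
        shasum -a 256 "$1" | awk '{ print $1 }'
    fi
}

# verify_release FILE MANIFEST
#   0 = digest matches the manifest entry for FILE's basename
#   1 = digest differs (corrupted or modified download)
#   2 = file missing, not listed, or manifest entry malformed
verify_release() {
    [ -f "$1" ] && [ -f "$2" ] || return 2
    name=$(basename "$1")
    # sha256sum format: "<64 hex>  <name>"; binary mode prefixes '*'.
    expected=$(awk -v n="$name" '{ f = $2; sub(/^\*/, "", f)
        if (f == n) { print tolower($1); exit } }' "$2")
    [ "${#expected}" -eq 64 ] || return 2
    case $expected in *[!0-9a-f]*) return 2 ;; esac
    [ "$(sha256_of "$1")" = "$expected" ]
}

# Constructed sample data: a stand-in "installer" and a manifest for it.
# Both file names are hypothetical.
make_sample() {
    dir=$(mktemp -d) || return 1
    printf 'constructed wallet installer bytes\n' > "$dir/wallet-installer.bin"
    printf '%s  wallet-installer.bin\n' \
        "$(sha256_of "$dir/wallet-installer.bin")" > "$dir/SHA256SUMS"
    printf '%s\n' "$dir"
}

d=$(make_sample)
verify_release "$d/wallet-installer.bin" "$d/SHA256SUMS" && echo "original: OK"
printf 'x' >> "$d/wallet-installer.bin"      # simulate a modified download
verify_release "$d/wallet-installer.bin" "$d/SHA256SUMS" \
    || echo "modified: REJECTED (rc=$?)"
rm -rf "$d"
```

A matching digest only shows that the file matches the manifest, so the manifest itself has to come from a source the user trusts.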
Users can still send bitcoins using a cold storage device; it is just more cumbersome. As always, there is a tradeoff: security vs usability. Sending a bitcoin using cold storage tokens requires information about the public address to be written into the machine by hand, and then the hash from the machine is hand typed into an internet connected device. This ensures that only the transaction that was made will take place.
The best exchanges today, like Coinbase, keep their private keys in cold storage to prevent another Mt Gox scenario.

Hardware Wallets

There is still one more cold storage solution, and it strikes a very good balance between usability and security: a hardware wallet. Hardware wallets are special devices that are designed to act as cold storage devices and maintain private keys on the device, while not letting the private keys outside it, ever. Hardware wallets are moderately technical to use. While they are generally the size of a USB stick, the interfaces have a learning curve.
The best part about hardware wallets is that they will erase themselves after three unsuccessful attempts to guess the four-digit PIN used to access them. If a poorly coordinated bitcoin owner ends up with an erased device, they can use the backup 24 seed word recovery that they set up when they first enabled the device. This 24 seed word sequence should be guarded like the device itself; it can be used to access one’s bitcoins, Ethereum, and any other tokens held on the device. The two most common hardware wallets are made by Trezor and Ledger.


Conclusion

Cryptocurrency is everywhere right now, with the bitcoin price making daily headlines and many people swarming into it without thinking about the unique security methods they must use when buying it. Protecting one’s private keys is the single most important action a user must take when buying and storing cryptocurrency. Hopefully, this guide will help people understand their responsibilities and the best practices to follow.


Definitely just saved me from saying this over and over. Just sent over the link to this and they are good.

That was my thought!

Thank you for this informative article, read here to know about how to keep your crypto safe -

https://blog.coinswitch.co/how-to-protect-your-crypto-holdings-with-a-private-wallet-ad2c6070778d